investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar, Splunk, and Microsoft Sentinel. Develop and refine SOC use cases, runbooks, and playbooks. Integrate emerging threat intelligence into monitoring and detection workflows. Liaise with clients, Service
Qualys or similar platforms). Understanding of Email Security platforms (e.g., Darktrace) and Security Awareness & Training platforms. Knowledge of security frameworks (ISO 27001, NIST, GDPR, etc.). Familiarity with SIEM, security system administration, and incident response. Understanding of SOC operations and monitoring. No formal qualifications required, although a security or IT-related certification (e.g., CompTIA Security+, CISSP, CISM) is desirable.
Birmingham, West Midlands, England, United Kingdom
Robert Walters
Automated security monitoring. Lead third-party risk management & vendor security programmes. Experience of DevSecOps practices and SDLC. Design/Implement security frameworks - ISO 27001, NIST. Hands-on experience of SIEM, DLP, IAM, Endpoint Technology. The permanent opportunity for an Information Security Manager will pay a salary up to £85,000 with bonus, based out of the central Birmingham offices - one
Birmingham, West Midlands, West Midlands (County), United Kingdom
Experis
prem infrastructure on virtualized platform, networking, and storage. * Ability to produce HLDs and LLDs with clarity and precision. * Excellent communication and stakeholder engagement skills. * Involved with integrating SentinelOne with SIEM/SOAR platforms (e.g., Splunk) and deployment to Windows and RHEL endpoints. Preferred Qualifications: * SentinelOne certifications (e.g., SentinelOne Certified Architect or equivalent). * Scripting knowledge (e.g., PowerShell, Python) for automation
components to ensure visibility and completeness of data collection. Linux Proficiency: Administer and troubleshoot Linux-based systems, with command-line fluency and scripting ability (e.g. Bash, Python) to support SIEM operations, log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK … assist SOC analysts in conducting triage and escalation. SOC Maturity & Policy Development: Contribute to the development of SOC processes and policies, including detection logic lifecycle, alert tuning procedures, and SIEM configuration governance. Play a key role in maturing the operational use of SIEM tooling and automation within the SOC environment. Defence Writing & JSP Familiarity: Prepare formal documentation in line with … Infrastructure environments. Familiarity with security frameworks such as MITRE ATT&CK, NIST CSF, or ISO 27001, including how to map TTPs to rule coverage. Experience with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex). Knowledge of additional log forwarding/processing tools (e.g. Elastic Agent, Fluentd). Exposure to vulnerability management and threat intelligence platforms such as
Stoke-on-Trent, Staffordshire, England, United Kingdom
Hays Specialist Recruitment Limited
cybersecurity matters, advising senior leadership and collaborating across departments. What We're Looking For: Security leadership experience in a complex organisation, ideally with team management responsibilities. Technical security background: SIEM, EDR and vulnerability management tools. Strong background in vulnerability and risk management, including scanning, assessing, and mitigating risks. Hands-on experience securing Microsoft environments, covering cloud infrastructure, Active Directory/
to drive through change. Excellent team working skills, including the ability to work effectively within a geographically disparate team. Advantageous: Experience with containerization technology and orchestration platforms, e.g. Kubernetes. SIEM experience with Elastic Stack (ELK). Knowledge of ArgoCD, Terraform. Knowledge of CI/CD tools: Ansible, Circle CI, Jenkins, Parker, Terraform. Knowledge of offensive testing frameworks. Message processing using Kafka, Rabbit
Warwick, Warwickshire, West Midlands, United Kingdom
Telent Technology Services Ltd
to the team's success. Key Requirements: Vendor certification of the following would be beneficial: VMware, MS Windows System Support, Cisco knowledge - LAN/WAN, Juniper, IP Trade. McAfee SIEM Security - Security Information Events Management knowledge. IT/ICT further education. What we offer: A career at Telent can span many sectors, roles, technologies and clients, giving you the opportunity
Birmingham, West Midlands, United Kingdom Hybrid/Remote Options
Oscar Associates (UK) Limited
solutions. Contributing to and maintaining CI/CD pipelines. Driving ISO 27000 implementation and supporting ongoing compliance initiatives. Introducing and managing cybersecurity tools such as vulnerability scanners, endpoint protection, SIEM, and cloud security monitoring solutions. Requirements: Extensive experience in a DevOps team lead role using AWS (IAM, S3, EKS). Experience with IaC such as Terraform, CloudFormation/CDK
Coventry, West Midlands, England, United Kingdom Hybrid/Remote Options
Lorien
Collaborate with the Product Manager to establish governance frameworks. Essential Skills & Experience: Proven experience in product ownership or agile delivery roles. Strong stakeholder management and communication skills. Experience with SIEM tools, ideally Microsoft Sentinel. Understanding of InfoSec principles and digital product delivery. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this
include: Assisting in monitoring network traffic and security alerts to identify potential threats. Supporting investigations into security incidents, gathering evidence and documenting findings. Using Security Information and Event Management (SIEM) tools to detect and analyse suspicious activities. Collaborating with the cyber security team to respond to incidents and implement mitigation strategies. Helping maintain and update incident response documentation and procedures.
Warwick, Warwickshire, West Midlands, United Kingdom Hybrid/Remote Options
Sanderson Government and Defence
Security (SIEM) Architect. Location: Warwick, Hybrid. IR Status: TBC. Rate: £600 - £800. Length: 6-12 months, TBC. Clearance: Must have active SC clearance. An exciting opportunity has emerged with an organisation supplying complex architectural, technical and delivery solutions across the UK Secure Government and Public Sectors. They are looking to bring in a specialist security architect with demonstrable experience of … having architected a SIEM capability utilising the Elasticsearch toolset. There has been an initial scoping; you will come in and provide a full-scale holistic solution and will have the support of the architectural team that provided the initial scope. Architecture & Design: Define and implement SIEM architecture using Elastic Stack (Elasticsearch, Logstash, Kibana, Beats). Design log ingestion pipelines, data … models, and correlation rules for security monitoring. Develop observability frameworks integrating logs, metrics, and traces. Implementation & Engineering: Deploy and configure Elasticsearch clusters, Kibana dashboards, and Logstash pipelines. Integrate SIEM with cloud-native observability tools (AWS CloudWatch, Azure Monitor, GCP Operations Suite). Automate log collection and enrichment using Beats, OpenTelemetry, and scripting. Security Use Cases & Threat Detection: Build and maintain
Hereford, Herefordshire, West Midlands, United Kingdom Hybrid/Remote Options
Leidos Innovations UK Limited
Management: Plan and execute major database upgrades and periodic patching to maintain system stability. Database Logging & Monitoring: Configure and manage database logs for integration into a SIEM (Security Information and Event Management) solution for monitoring and security compliance. High Availability & Failover Management: Monitor, maintain and orchestrate manual failover and failback procedures to maintain uptime. Automation & Scripting: Develop scripts using SQL
Birmingham, West Midlands, England, United Kingdom Hybrid/Remote Options
Context Recruitment Limited
is operational and hands-on, maintaining and enhancing existing tools and controls, monitoring vulnerabilities and ensuring systems are patched and secure. Responsibilities: * Managing and optimising security tools and platforms (SIEM, XDR, IDAM policies etc.) * Monitoring vulnerabilities, investigating incidents and implementing corrective actions * Supporting patching compliance and vulnerability remediation * Ensuring security best practices are applied across networks, applications and systems * Participating … network engineering * Some exposure to, or a growing focus on, cybersecurity and vulnerability management * Understanding of network devices, configurations and security principles * Familiarity with common tools and concepts (e.g. SIEM, DLP, endpoint protection, firewalls, Cisco Secure Connect, etc.) * Confidence to identify issues, suggest improvements and work collaboratively across teams * A genuine passion for cyber security * Certifications such as CISSP, SC
Consultant. Configure and ensure availability of required logs into Sentinel (such as EDR, Qualys, Firewalls etc.), CrowdStrike and Darktrace. Sentinel platform admin. Execution of the use cases on SIEM, SOAR & Threat Intelligence. Well versed in Design & Architecture, Cribl (newly added by client). Deploy down-selected (Nozomi) OT Security/IDS platform in the lab infra. Handle OEM communication. Test
Birmingham, West Midlands, England, United Kingdom
Adecco
Months, Inside IR35. My client, a leading telecoms company, is looking for a DevOps Engineer to join their Security Engineering team. This role is pivotal in delivering a strategic SIEM platform that supports the client's infrastructure security and compliance requirements. You'll lead the implementation of automation strategies, manage Kubernetes-based infrastructure, and drive DevOps excellence across CI/CD pipelines. … Key Responsibilities: Lead technical delivery of SIEM platform automation and infrastructure. Manage Kubernetes clusters and Elastic Stack deployments (ECK). Own CI/CD pipeline design, implementation, and troubleshooting. Collaborate with cross-functional teams to streamline software delivery. Act as product owner for sprint planning and backlog management. Mentor engineers and promote DevOps best practices. Essential Skills: Strong experience with … GitLab CI, GitHub Actions). Proficient in Python, JavaScript, Golang. Experience with monitoring tools (Grafana, ELK). Agile delivery and JIRA proficiency. Excellent communication and documentation skills. Desirable Skills: SIEM experience, particularly with Elastic Stack. Knowledge of ArgoCD, Terraform, Ansible, Jenkins. Familiarity with Kafka, RabbitMQ, and cloud platforms (OpenStack, Azure, AWS). Understanding of Telecoms Security Act (TSA) and regulatory
City, Birmingham, United Kingdom Hybrid/Remote Options
Experis
using Postfix. Interpret and implement Low-Level Design documentation. Ensure secure mail routing and compliance with enterprise security standards. Integrate Postfix with core enterprise solutions such as VCF, HPE, SIEM, and LDAP/AD. Troubleshoot mail delivery and server performance issues. Automate and monitor processes using scripting (e.g., Bash, Python). Produce comprehensive technical documentation. Required Skills & Experience: Extensive hands … Proficiency in Linux system administration (RHEL, CentOS, Ubuntu). Experience with TLS, SPF/DKIM/DMARC, and SASL protocols. Ability to integrate Postfix into enterprise systems (VCF, HPE, SIEM, LDAP/AD). Strong troubleshooting and problem-solving skills. Scripting experience for automation and monitoring (Bash, Python). Excellent technical documentation skills. Preferred Qualifications: Knowledge of high availability, load